Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/pj7U8dqiaO_fTtDXsNGZdfltayE.roa
File: pj7U8dqiaO_fTtDXsNGZdfltayE.roa (raw, json)
Hash identifier: g9agYZACC1vFQpUPiEjgpj3J1AL1eG2K5FAnOgY0bdM=
Subject key identifier: A6:3E:D4:F1:DA:A2:68:EF:DF:4E:D0:D7:B0:D1:99:75:F9:6D:6B:21
Certificate issuer: /CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Certificate serial: 019A53BCF3481AD054B64DC6A49294AE182A
Authority key identifier: 55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/pj7U8dqiaO_fTtDXsNGZdfltayE.roa
Signing time: Wed 05 Nov 2025 11:18:03 +0000
ROA not before: Wed 05 Nov 2025 11:18:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 83.147.194.0/24 maxlen: 24
91.186.220.0/22 maxlen: 22
94.241.160.0/23 maxlen: 24
178.253.38.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Nov 2025 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:bc:f3:48:1a:d0:54:b6:4d:c6:a4:92:94:ae:18:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Validity
Not Before: Nov 5 11:18:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a63ed4f1daa268efdf4ed0d7b0d19975f96d6b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7d:7b:44:a7:5c:71:da:a0:a0:42:f6:25:df:
ea:0a:76:52:34:10:05:5f:d6:99:7c:d8:84:2f:82:
5b:d8:04:cd:dc:07:99:57:60:63:4c:9e:70:82:28:
a6:c2:e4:67:a7:97:70:f3:ad:0c:74:82:d1:59:1b:
d4:00:50:c0:d8:7b:ac:e1:30:bd:c7:62:69:e5:a5:
8b:9e:0a:13:d6:99:be:e1:d5:c3:76:a4:20:00:c9:
0e:e3:3a:b0:a0:5d:3b:b7:a8:13:57:a9:5f:5e:53:
ab:a1:7c:cd:9b:85:9c:bd:e9:50:d4:d1:0a:45:8d:
81:58:ee:d6:ab:ae:7c:f7:02:ea:70:6b:0c:ee:02:
47:36:21:33:9f:5d:6a:04:ea:8a:4f:c9:41:25:f9:
f0:f2:47:88:f3:91:17:6c:02:3d:a8:f8:d6:bf:de:
04:72:6d:c7:42:42:af:22:5b:d4:5d:41:76:85:8c:
05:98:8d:0f:f5:85:87:6b:44:5a:12:7f:a6:ad:e5:
86:43:3c:89:8f:2e:8f:6a:5b:65:6e:54:5f:5b:30:
7a:63:6a:67:bd:a8:52:d5:63:13:2c:1c:ee:ec:99:
3d:53:3c:bb:1b:8c:e1:01:51:35:5f:bd:30:4c:34:
dd:68:df:dd:f7:ac:4d:ac:8e:86:26:9a:8c:7c:cf:
e7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:3E:D4:F1:DA:A2:68:EF:DF:4E:D0:D7:B0:D1:99:75:F9:6D:6B:21
X509v3 Authority Key Identifier:
keyid:55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/pj7U8dqiaO_fTtDXsNGZdfltayE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.194.0/24
91.186.220.0/22
94.241.160.0/23
178.253.38.0/23
Signature Algorithm: sha256WithRSAEncryption
12:05:e5:55:28:1e:3c:71:46:8d:23:63:89:f9:4a:55:80:7b:
0f:e5:d2:55:e7:d2:43:ca:97:14:24:cc:76:a8:d0:b2:a9:59:
d2:19:64:e5:37:dc:cd:15:61:9a:5f:da:b8:f0:8d:32:a7:67:
04:dc:e1:bf:4c:aa:a2:c8:3d:7c:b8:e8:11:9b:45:92:a0:b7:
45:95:d5:57:ed:55:2e:60:91:97:98:d3:aa:c0:06:de:cc:71:
22:b1:04:f3:38:50:a5:be:51:91:db:7a:ed:1a:39:a9:a5:8c:
e0:52:39:9d:1f:f4:2d:22:bd:1c:64:e6:a6:6c:8f:f9:fc:07:
56:ee:49:69:12:11:09:60:c9:c9:31:8a:ea:66:9f:eb:5e:73:
15:8f:fb:e5:2a:b0:83:9b:54:bb:d9:34:5c:d0:b9:13:62:ef:
a9:82:56:77:0f:40:29:1c:05:fb:7f:60:b2:d8:d9:c1:60:fb:
c2:0f:07:17:2b:f0:25:b4:75:2d:18:84:b6:ea:2d:9e:dd:ec:
82:00:8e:b4:cd:00:5e:33:38:c6:ba:e2:53:86:78:80:19:5b:
0a:bb:f8:cf:76:6d:4f:d7:8f:d8:26:b9:bd:9d:ff:76:5b:81:
6f:a2:df:bf:ea:ff:54:e0:bd:fd:e1:c9:ac:15:85:91:af:a0:
ef:e3:47:46
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZpTvPNIGtBUtk3GpJKUrhgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YmFmMjY5Njc1MTBiM2M1MmU0NmQxZGM1OTM5NjdjZGYy
OWY5YzkwHhcNMjUxMTA1MTExODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjNlZDRmMWRhYTI2OGVmZGY0ZWQwZDdiMGQxOTk3NWY5NmQ2YjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH17RKdccdqgoEL2Jd/qCnZSNBAF
X9aZfNiEL4Jb2ATN3AeZV2BjTJ5wgiimwuRnp5dw860MdILRWRvUAFDA2Hus4TC9
x2Jp5aWLngoT1pm+4dXDdqQgAMkO4zqwoF07t6gTV6lfXlOroXzNm4WcvelQ1NEK
RY2BWO7Wq6589wLqcGsM7gJHNiEzn11qBOqKT8lBJfnw8keI85EXbAI9qPjWv94E
cm3HQkKvIlvUXUF2hYwFmI0P9YWHa0RaEn+mreWGQzyJjy6PaltlblRfWzB6Y2pn
vahS1WMTLBzu7Jk9Uzy7G4zhAVE1X70wTDTdaN/d96xNrI6GJpqMfM/nAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKY+1PHaomjv307Q17DRmXX5bWshMB8GA1UdIwQY
MBaAFFW68mlnUQs8UuRtHcWTlnzfKfnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAt
NDlmOTgxZWU1OTgxLzEvcGo3VThkcWlhT19mVHREWHNOR1pkZmx0YXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAtNDlmOTgxZWU1OTgx
LzEvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAU5PCAwQC
W7rcAwQBXvGgAwQBsv0mMA0GCSqGSIb3DQEBCwUAA4IBAQASBeVVKB48cUaNI2OJ
+UpVgHsP5dJV59JDypcUJMx2qNCyqVnSGWTlN9zNFWGaX9q48I0yp2cE3OG/TKqi
yD18uOgRm0WSoLdFldVX7VUuYJGXmNOqwAbezHEisQTzOFClvlGR23rtGjmppYzg
UjmdH/QtIr0cZOambI/5/AdW7klpEhEJYMnJMYrqZp/rXnMVj/vlKrCDm1S72TRc
0LkTYu+pglZ3D0ApHAX7f2Cy2NnBYPvCDwcXK/AltHUtGIS26i2e3eyCAI60zQBe
MzjGuuJThniAGVsKu/jPdm1P14/YJrm9nf92W4Fvot+/6v9U4L394cmsFYWRr6Dv
40dG
-----END CERTIFICATE-----
Generated at Fri Nov 7 11:42:37 2025 by rpki-client